CVSS: 10.0EPSS: 0%CPEs: 1EXPL: 0CVE-2023-27434 – WordPress Classic Editor and Classic Widgets Plugin <= 1.2.5 is vulnerable to Cross Site Request Forgery (CSRF)
https://notcve.org/view.php?id=CVE-2023-27434
03 Mar 2023 — The Classic Editor and Classic Widgets plugin for WordPress is vulnerable to Cross-Site Request Forgery in versions up to, and including, 1.2.5. • https://patchstack.com/database/vulnerability/classic-editor-and-classic-widgets/wordpress-classic-editor-and-classic-widgets-plugin-1-2-4-cross-site-request-forgery-csrf-vulnerability? • CWE-352: Cross-Site Request Forgery (CSRF) •
CVSS: 10.0EPSS: 0%CPEs: 1EXPL: 0CVE-2023-27436 – WordPress Elegant Custom Fonts Plugin <= 1.0 is vulnerable to Cross Site Request Forgery (CSRF)
https://notcve.org/view.php?id=CVE-2023-27436
03 Mar 2023 — The Elegant Custom Fonts plugin for WordPress is vulnerable to Cross-Site Request Forgery in versions up to, and including, 1.0. • https://patchstack.com/database/vulnerability/elegant-custom-fonts/wordpress-elegant-custom-fonts-plugin-1-0-cross-site-request-forgery-csrf-vulnerability? • CWE-352: Cross-Site Request Forgery (CSRF) •
CVSS: 10.0EPSS: 0%CPEs: 1EXPL: 0CVE-2023-27438 – WordPress WP Translitera Plugin <= p1.2.5 is vulnerable to Cross Site Request Forgery (CSRF)
https://notcve.org/view.php?id=CVE-2023-27438
03 Mar 2023 — The WP Translitera plugin for WordPress is vulnerable to Cross-Site Request Forgery in versions up to, and including, p1.2.5. • https://patchstack.com/database/vulnerability/wp-translitera/wordpress-wp-translitera-plugin-p1-2-5-cross-site-request-forgery-csrf-vulnerability? • CWE-352: Cross-Site Request Forgery (CSRF) •
CVSS: 10.0EPSS: 0%CPEs: 1EXPL: 0CVE-2023-27441 – WordPress New Adman Plugin <= 1.6.8 is vulnerable to Cross Site Request Forgery (CSRF)
https://notcve.org/view.php?id=CVE-2023-27441
03 Mar 2023 — The New Adman plugin for WordPress is vulnerable to Cross-Site Request Forgery in versions up to, and including, 1.6.8. • https://patchstack.com/database/vulnerability/new-adman/wordpress-new-adman-plugin-1-6-8-cross-site-request-forgery-csrf-vulnerability? • CWE-352: Cross-Site Request Forgery (CSRF) •
CVSS: 10.0EPSS: 0%CPEs: 1EXPL: 0CVE-2023-27442 – WordPress Leyka Plugin <= 3.29.2 is vulnerable to Cross Site Request Forgery (CSRF)
https://notcve.org/view.php?id=CVE-2023-27442
03 Mar 2023 — The Leyka plugin for WordPress is vulnerable to Cross-Site Request Forgery in versions up to, and including, 3.29.2. • https://patchstack.com/database/vulnerability/leyka/wordpress-leyka-plugin-3-29-2-cross-site-request-forgery-csrf-vulnerability? • CWE-352: Cross-Site Request Forgery (CSRF) •
CVSS: 10.0EPSS: 0%CPEs: 1EXPL: 0CVE-2023-27445 – WordPress Blog Floating Button Plugin <= 1.4.12 is vulnerable to Cross Site Request Forgery (CSRF)
https://notcve.org/view.php?id=CVE-2023-27445
03 Mar 2023 — The Blog Floating Button plugin for WordPress is vulnerable to Cross-Site Request Forgery in versions up to, and including, 1.4.12. • https://patchstack.com/database/vulnerability/blog-floating-button/wordpress-blog-floating-button-plugin-1-4-12-cross-site-request-forgery-csrf-vulnerability? • CWE-352: Cross-Site Request Forgery (CSRF) •
CVSS: 10.0EPSS: 0%CPEs: 1EXPL: 0CVE-2022-47152 – WordPress clickfunnels Plugin <= 3.1.1 is vulnerable to Cross Site Request Forgery (CSRF)
https://notcve.org/view.php?id=CVE-2022-47152
02 Mar 2023 — The ClickFunnels plugin for WordPress is vulnerable to Cross-Site Request Forgery in versions up to, and including, 3.1.1. • https://patchstack.com/database/vulnerability/clickfunnels/wordpress-clickfunnels-plugin-3-1-1-cross-site-request-forgery-csrf? • CWE-352: Cross-Site Request Forgery (CSRF) •
CVSS: 10.0EPSS: 0%CPEs: 1EXPL: 0CVE-2022-42882 – WordPress Simple CSV/XLS Exporter Plugin <= 1.5.8 is vulnerable to CSV Injection
https://notcve.org/view.php?id=CVE-2022-42882
02 Mar 2023 — The Simple CSV/XLS Exporter plugin for WordPress is vulnerable to CSV injection in versions up to, and including, 1.5.8. • https://patchstack.com/database/vulnerability/simple-csv-xls-exporter/wordpress-simple-csv-xls-exporter-plugin-1-5-8-authenticated-csv-injection-vulnerability? • CWE-74: Improper Neutralization of Special Elements in Output Used by a Downstream Component ('Injection') CWE-1236: Improper Neutralization of Formula Elements in a CSV File •
CVSS: 10.0EPSS: 0%CPEs: 1EXPL: 0CVE-2023-27446 – WordPress DeepL Pro API translation Plugin <= 2.1.4 is vulnerable to Cross Site Request Forgery (CSRF)
https://notcve.org/view.php?id=CVE-2023-27446
02 Mar 2023 — The DeepL Pro API translation plugin for WordPress is vulnerable to Cross-Site Request Forgery in versions up to, and including, 2.1.4. • https://patchstack.com/database/vulnerability/wpdeepl/wordpress-deepl-api-translation-plugin-plugin-2-1-4-cross-site-request-forgery-csrf-vulnerability? • CWE-352: Cross-Site Request Forgery (CSRF) •
CVSS: 10.0EPSS: 0%CPEs: 1EXPL: 0CVE-2023-27453 – WordPress LWS Tools Plugin <= 2.3.1 is vulnerable to Cross Site Request Forgery (CSRF)
https://notcve.org/view.php?id=CVE-2023-27453
02 Mar 2023 — The LWS Tools plugin for WordPress is vulnerable to Cross-Site Request Forgery in versions up to, and including, 2.3.1. • https://patchstack.com/database/vulnerability/lws-tools/wordpress-lws-tools-plugin-2-3-1-cross-site-request-forgery-csrf-vulnerability? • CWE-352: Cross-Site Request Forgery (CSRF) •